<?php
$user_name=$_POST['user_name'];
$dealer=$_POST['isDealer'];
include 'dbconnect.php';
echo "<H3>Welcome ".$user_name."!</H3><br>";


if (isset($_POST['edit_info']))
{
	echo '<p>Profile successfully edited.</p>';
	$name = $_POST['name'];
	$passwd = $_POST['passwd'];
	$email = $_POST['email'];
	$phone = $_POST['phone'];
	$city = $_POST['city'];
	$state = $_POST['state'];
	
	$query ="update AllUsers set UserPassword = '$passwd' where LoginID = '$user_name'";
	$query2 = "update NonAdmins set Email = '$email', Telephone = '$telephone', City = '$city', State = '$state' where AllUsers_LoginID = '$user_name'";
	$query3 = "update RegisteredUser set Name='$name' where NonAdmins_AllUsers_LoginID = '$user_name'";
	
	mysqli_query($mysql, $query);
	mysqli_query($mysql, $query2);
	mysqli_query($mysql, $query3);
	
	echo'<form enctype="multipart/form-data" action="login.php" method="POST">
	<input type="submit" value="Return To Profile">
	<input type="hidden" name="name" value='.$name.'>
	<input type="hidden" name="password" value='.$passwd.'>
	</form>';
	
	
} 
if (isset($_POST['vehicle_del']))
{
	$name = $_POST['name'];
	$passwd = $_POST['password'];
	$vid = $_POST['vehicle_id'];
	
	$query = "delete from VehicleForSale where VehicleForSaleID = '$vid'";
	mysqli_query($mysql, $query);
	
	echo '<h3>Vehicle Deleted<h3>';
	
	echo'<form enctype="multipart/form-data" action="login.php" method="POST">
		<input type="submit" value="Return To Profile">
		<input type="hidden" name="name" value='.$name.'>
		<input type="hidden" name="password" value='.$passwd.'>
		</form>';
}
if (isset($_POST['edit_car_info']))
{
		$name = $_POST["name"];
		$passwd = $_POST["password"];
		$vid = $_POST["vid"];
		$make = $_POST["make"];
		$model = $_POST["model"];
		$vehicleyear = $_POST["vehicleyear"];
		$price = $_POST["price"];
		$mileage = $_POST["mileage"];
		$color = $_POST["color"];
		$engine = $_POST["engine"];
		$drivertype = $_POST["type"];
		$nodoors = $_POST["doors"];
		$description = $_POST["desc"];
		
		$query = "update VehicleForSale set Make = '$make', Model = '$model', VehicleYear = '$vehicleyear', Price = '$price'," .
				" Mileage = '$mileage', ExteriorColor = '$color', Engine = '$engine', DriverType = '$drivertype', " .
				"NoDoors = '$nodoors', Description = '$description' where VehicleForSaleID = '$vid'";
				
		mysqli_query($mysql, $query);
		
		echo'<form enctype="multipart/form-data" action="login.php" method="POST">
		<input type="submit" value="Return To Profile">
		<input type="hidden" name="name" value='.$name.'>
		<input type="hidden" name="password" value='.$passwd.'>
		</form>';
}

if (isset($_POST['vehicle_edit']))
{
	$vehicle_id = $_POST['vehicle_id'];
	$name = $_POST['name'];
	$passwd = $_POST['passwd'];
	$query = "SELECT * " .
         "FROM VehicleForSale WHERE VehicleForSaleID = '$vehicle_id'";
		 
	if($result = mysqli_query($mysql, $query))
	{
		$row = mysqli_fetch_assoc($result);
		$make = $row["Make"];
		$model = $row["Model"];
		$vehicleyear = $row["VehicleYear"];
		$price = $row["Price"];
		$mileage = $row["Mileage"];
		$color = $row["ExteriorColor"];
		$engine = $row["Engine"];
		$drivertype = $row["DriverType"];
		$nodoors = $row["NoDoors"];
		$description = $row["Description"];
	}
	
	echo '
	<form method="post" action="edit.php">
		 <br>Make:
		 <br><input type="text" name="make" value='.$make.'>
		 <br>
		 
		 <br>Model:
		 <br><input type="text" name="model" value='.$model.'>
		 <br>
		 
		 <br>Vehicle Year:
		 <br><input type="text" name="vehicleyear" value='.$vehicleyear.'>
		 <br>
		 
		 <br>Price:
		 <br><input type="text" name="price" value='.$price.'>
		 <br>
		 
		 <br>Mileage:
		 <br><input type="text" name="mileage" value='.$mileage.'>
		 <br>
		 
		 <br>Color:
		 <br><input type="text" name="color" value='.$color.'>
		 <br>
		 
		 <br>Engine:
		 <br><input type="text" name="engine" value='.$engine.'>
		 <br>
		 
		 <br>Driver Type:
		 <br><input type="text" name="type" value='.$drivertype.'>
		 <br>
		 
		 <br>Number of doors:
		 <br><input type="text" name="doors" value='.$nodoors.'>
		 <br>
		 
		 <br>Description:
		 <br><input type="text" name="desc" value='.$description.'>
		 <br>
		 <input type="hidden" name="vid" value='.$vehicle_id.' />
		 <input type="hidden" name="name" value='.$name.'>
		<input type="hidden" name="password" value='.$passwd.'>
		 <input type="submit" name="edit_car_info" value="Submit Changes" /> 
	</form>
	';
}
if (isset($_POST['act_edit']))

{
	echo "<p>Update your profile here.</p>";
	$query ="select UserPassword from AllUsers where LoginID = '$user_name'";
	$query2 = "select Email, Telephone, City, State from NonAdmins where AllUsers_LoginID = '$user_name'";
	$query3 = "select Name from RegisteredUser where NonAdmins_AllUsers_LoginID = '$user_name'";
	
	if ($result  = mysqli_query($mysql,$query)) {
    $row = mysqli_fetch_assoc($result);
    $passwd = $row["UserPassword"];
	
	}
	
	if ($result  = mysqli_query($mysql,$query2)) {
    $row = mysqli_fetch_assoc($result);
	$email = $row["Email"];
	$telephone = $row["Telephone"];
	$city = $row["City"];
	$state = $row["State"];
	
	}
	
	if ($result  = mysqli_query($mysql,$query3)) {
    $row = mysqli_fetch_assoc($result);
	$name = $row["Name"];
	
	}
	
	mysqli_close($mysql);
	/*
	AllUsers
	UserPassword
	
	NonAdmins
	Email
	Telephone
	City 
	State
	
	RegisteredUser
	Name
	*/
	echo'<form method="post" action="edit.php">
		 <br>Name:
    
		 <br><input type="text" name="name" value='.$name.'>

		 <br>
		 <BR>Password:

		 <BR><INPUT TYPE="PASSWORD" NAME="passwd" value='.$passwd.'>

		 <BR>
	     <BR>Email:

		 <BR><INPUT TYPE="TEXT" NAME="email" value='.$email.'>

		 <BR>  
		<br>Phone Number:
    
		<br><input type="text" name="phone" value='.$phone.'>

		<br>
    

		<br>City:
    
		<br><input type="text" name="city" value='.$city.'>

		<br>
    


		<br>State:
    
		<br><input type="text" name="state" value='.$state.'>

		<br>
		<input type="hidden" name="user_name" value='.$user_name.' />
		<input type="submit" name="edit_info" value="Submit Changes" /> 
		</form>';
}
echo '<a href="login.php">Log out</a>';
?>